use of com.ingrian.security.nae.NAEKey in project CipherTrust_Application_Protection by thalescpl-io.
the class BulkOperationSample method main.
public static void main(String[] args) {
if (args.length != 4) {
System.out.println("Usage: java BulkOperationSample <username>" + " <password>" + " <keyname> <datafile>");
System.exit(-1);
}
String userName = args[0];
String password = args[1];
String keyName = args[2];
String fileName = args[3];
NAESession session = null;
try {
// Getting session and key
session = NAESession.getSession(userName, password.toCharArray());
NAEKey key = NAEKey.getSecretKey(keyName, session);
// Getting instance for the bulk operation. Should be called
// whenever bulk operation needs to be performed.
AbstractNAECipher encryptCipher = NAECipher.getInstanceForBulkData("AES/GCM/NoPadding", "IngrianProvider");
// read the contents from the file and write into the arrays
readContentsFromFileAndWriteToArrays(fileName);
// initializing the cipher for encrypt operation
encryptCipher.init(Cipher.ENCRYPT_MODE, key, spec[0]);
// Map to store exceptions while encryption
Map<Integer, String> encryptedErrorMap = new HashMap<Integer, String>();
// performing bulk operation
byte[][] encryptedData = encryptCipher.doFinalBulk(data, spec, encryptedErrorMap);
// displaying the encrypted data
displayData(encryptedData, "Encrypted data");
// cipher instance for decryption
AbstractNAECipher decryptCipher = NAECipher.getInstanceForBulkData("AES/GCM/NoPadding", "IngrianProvider");
// initializing the cipher for decrypt operation
decryptCipher.init(Cipher.DECRYPT_MODE, key, spec[0]);
// Map to store exceptions while decryption
Map<Integer, String> decryptedErrorMap = new HashMap<Integer, String>();
// performing bulk operation
byte[][] decryptedData = decryptCipher.doFinalBulk(encryptedData, spec, decryptedErrorMap);
// displaying the decrypted data
displayData(decryptedData, "Decrypted Data ");
} catch (Exception e) {
e.printStackTrace();
} finally {
// releasing session
if (session != null) {
session.closeSession();
}
}
}
use of com.ingrian.security.nae.NAEKey in project CipherTrust_Application_Protection by thalescpl-io.
the class CachingSample method oneShotEncrypt.
public void oneShotEncrypt(NAESession session, String keyname, String algorithm, String plainText, String ivStr) {
Cipher encryptCipher = null;
Cipher decryptCipher = null;
try {
NAEKey pkey = NAEKey.getSecretKey(keyname, session);
encryptCipher = Cipher.getInstance(algorithm, "IngrianProvider");
if (ivStr == null) {
encryptCipher.init(Cipher.ENCRYPT_MODE, pkey);
byte[] outbuf = encryptCipher.doFinal(plainText.getBytes());
decryptCipher = Cipher.getInstance(algorithm, "IngrianProvider");
decryptCipher.init(Cipher.DECRYPT_MODE, pkey);
byte[] newbuf = decryptCipher.doFinal(outbuf);
System.out.println("Decrypted data \"" + new String(newbuf) + "\"");
} else {
byte[] iv = ivStr.getBytes();
IvParameterSpec ivSpec = new IvParameterSpec(iv);
encryptCipher.init(Cipher.ENCRYPT_MODE, pkey, ivSpec);
byte[] outbuf = encryptCipher.doFinal(plainText.getBytes());
decryptCipher = Cipher.getInstance(algorithm, "IngrianProvider");
decryptCipher.init(Cipher.DECRYPT_MODE, pkey, ivSpec);
byte[] newbuf = decryptCipher.doFinal(outbuf);
System.out.println("Decrypted data \"" + new String(newbuf) + "\"");
}
} catch (Exception e) {
e.printStackTrace();
System.out.println("Exception = " + e);
}
}
use of com.ingrian.security.nae.NAEKey in project CipherTrust_Application_Protection by thalescpl-io.
the class KMIPDatesAndStatesSample method main.
public static void main(String[] args) throws Exception {
String keyName = null;
int keyLength = 256;
if (args.length != 3) {
usage();
}
keyName = args[2];
// add Ingrian provider to the list of JCE providers
Security.addProvider(new IngrianProvider());
KMIPSession session = null;
try {
// create KMIP Session - specify client X.509 certificate and keystore password
session = KMIPSession.getSession(new NAEClientCertificate(args[0], args[1].toCharArray()));
// create key custom attributes
NAEKey key = null;
deleteIfExists(keyName, session, key);
/* create a secret key using JCE key generator */
NAEParameterSpec spec = new NAEParameterSpec(keyName, keyLength, (KMIPAttributes) null, session);
KeyGenerator kg = KeyGenerator.getInstance("AES", "IngrianProvider");
kg.init(spec);
SecretKey secretKey = kg.generateKey();
System.out.println("Created new key " + ((NAEKey) secretKey).getName());
/* cast to NAEKey and list the default attribute names */
Set<String> defaultAttributes = ((NAEKey) secretKey).listKMIPAttributes();
System.out.println(defaultAttributes);
key = ((NAEKey) secretKey);
KMIPAttributes getState = new KMIPAttributes();
getState.add(KMIPAttribute.State);
getState.add(KMIPAttribute.ActivationDate);
getState.add(KMIPAttribute.InitialDate);
getState.add(KMIPAttribute.DeactivationDate);
KMIPAttributes gotState = key.getKMIPAttributes(getState);
System.out.println("State = " + gotState.getState());
System.out.println("InitialDate = " + sdf.format(gotState.getDate(KMIPAttribute.InitialDate).getTime()));
System.out.println("ActivationDate = " + ((gotState.getDate(KMIPAttribute.ActivationDate) != null) ? sdf.format(gotState.getDate(KMIPAttribute.ActivationDate).getTime()) : "null"));
key = ((NAEKey) secretKey);
System.out.println("Activating:");
key.activate();
gotState = key.getKMIPAttributes(getState);
defaultAttributes = ((NAEKey) secretKey).listKMIPAttributes();
System.out.println(defaultAttributes);
System.out.println("State = " + gotState.getState());
System.out.println("ActivationDate = " + ((gotState.getDate(KMIPAttribute.ActivationDate) != null) ? sdf.format(gotState.getDate(KMIPAttribute.ActivationDate).getTime()) : "null"));
// now deactivate it
Calendar c = Calendar.getInstance();
c.setTimeInMillis((gotState.getDate(KMIPAttribute.ActivationDate)).getTime().getTime());
System.out.println("Deactivating as of " + sdf.format(c.getTime()));
KMIPAttributes modDates = new KMIPAttributes();
modDates.addDate(KMIPAttribute.DeactivationDate, c);
key.addKMIPAttributes(modDates);
;
defaultAttributes = ((NAEKey) secretKey).listKMIPAttributes();
System.out.println(defaultAttributes);
gotState = key.getKMIPAttributes(getState);
System.out.println("State = " + gotState.getState());
System.out.println("Dectivation Date = " + ((gotState.getDate(KMIPAttribute.DeactivationDate) != null) ? sdf.format(gotState.getDate(KMIPAttribute.ActivationDate).getTime()) : "null"));
} catch (Exception e) {
System.out.println("The Cause is " + e.getMessage() + ".");
e.printStackTrace();
} finally {
if (session != null)
session.closeSession();
}
}
use of com.ingrian.security.nae.NAEKey in project CipherTrust_Application_Protection by thalescpl-io.
the class KMIPCreateSymmetricKeySample method main.
public static void main(String[] args) throws Exception {
String keyName = null;
int keyLength = 256;
if (args.length != 3) {
usage();
}
keyName = args[2];
// add Ingrian provider to the list of JCE providers
Security.addProvider(new IngrianProvider());
KMIPSession session = null;
try {
// create KMIP Session - specify client X.509 certificate and keystore password
session = KMIPSession.getSession(new NAEClientCertificate(args[0], args[1].toCharArray()));
NAEKey key;
try {
/* does the key exist? if so, delete it */
/* get..Key method is merely a placeholder for a managed object
* with that name. */
key = NAEKey.getSecretKey(keyName, session);
/* getUID() will throw an exception if the key does not exist */
if (key.getUID() != null) {
// exists if Unique Identifier is not null
System.out.println("Deleting key " + keyName + " with UID=" + key.getUID());
key.delete();
}
} catch (Exception notFound) {
}
/* create a secret key on the Key Manager using JCE key generator */
KMIPAttributes initialAttributes = new KMIPAttributes();
initialAttributes.add(KMIPAttribute.CryptographicUsageMask, (int) (UsageMask.Encrypt.getValue() | UsageMask.Decrypt.getValue()));
NAEParameterSpec spec = new NAEParameterSpec(keyName, keyLength, (KMIPAttributes) initialAttributes, session);
KeyGenerator kg = KeyGenerator.getInstance("AES", "IngrianProvider");
kg.init(spec);
SecretKey secretKey = kg.generateKey();
System.out.println("Created key " + ((NAEKey) secretKey).getName());
/* cast to NAEKey and list the default attribute names */
Set<String> defaultAttributes = ((NAEKey) secretKey).listKMIPAttributes();
System.out.println(defaultAttributes);
} catch (Exception e) {
System.out.println("The Cause is " + e.getMessage() + ".");
e.printStackTrace();
} finally {
if (session != null)
session.closeSession();
}
}
use of com.ingrian.security.nae.NAEKey in project CipherTrust_Application_Protection by thalescpl-io.
the class WrapKeySample method main.
public static void main(String[] args) {
Security.addProvider(new IngrianProvider());
if (args.length != 5) {
System.err.println("Usage: java WrapKeySample user password keyToWrapName wrappingKeyName groupName");
System.exit(-1);
}
String userName = args[0];
String passWord = args[1];
String keyToWrapName = "WrapSamplePair" + args[2];
String wrappingKeyName = "WrapSampleKey" + args[3];
String groupName = args[4];
NAESession session = null;
try {
// Create an NAESession.
session = NAESession.getSession(userName, passWord.toCharArray());
NAEParameterSpec spec = new NAEParameterSpec(keyToWrapName, true, true, 256, session);
// Delete any existing keys from this sample.
NAEKey keyToDelete = NAEKey.getSecretKey(keyToWrapName, session);
deleteExistingKeys(wrappingKeyName, session, keyToDelete);
// Generate an AES key to be wrapped when exported.
KeyGenerator generator = KeyGenerator.getInstance("AES", "IngrianProvider");
// NAEEParameters to pass session
generator.init(spec);
NAEKey keyToBeWrapped = (NAEKey) generator.generateKey();
// Create a public/private RSA key pair to do the key wrapping.
// The AES key will be wrapped with the RSA Public Key, and
// later unwrapped using the RSA Private Key.
KeyPair pair = createKeyPair(session, groupName, wrappingKeyName);
NAEPublicKey publicKey = NAEKey.getPublicKey(wrappingKeyName, session);
NAEPrivateKey privateKey = NAEKey.getPrivateKey(wrappingKeyName, session);
// Init a JCE Cipher in WRAP_MODE to do the key wrapping.
Cipher cipher = Cipher.getInstance("RSA", "IngrianProvider");
cipher.init(Cipher.WRAP_MODE, publicKey, spec);
// Wrap and export the wrapped AES Key from the Key Manager
// using the cipher.wrap method.
// The key is wrapped with the Public key from the key pair
// on the Key Manager which was generated earlier.
byte[] wrappedKey = cipher.wrap(keyToBeWrapped);
System.out.println("wrapped : " + IngrianProvider.byteArray2Hex(wrappedKey));
System.out.println("Length : " + wrappedKey.length);
// Unwrap the AES key using the private key of the
// generated key pair using the SunJCE provider.
// Export the NAEPrivate key as a JCE PrivateKey.
PrivateKey prKey = privateKey.exportJCEKey();
// Initialize a Cipher based on the SunJCE provider.
// For IBM Java, change the provider from "SunJCE" to "IBMJCE"
// Note the use of PKCS1Padding.
Cipher cipher2 = Cipher.getInstance("RSA/ECB/PKCS1Padding", "SunJCE");
cipher2.init(Cipher.UNWRAP_MODE, prKey);
// Unwrap the wrapped key from the bytes returned from the
// Key Manager.
Key unWrappedKey = cipher2.unwrap(wrappedKey, "AES", Cipher.SECRET_KEY);
System.out.println("Unwrapped: " + IngrianProvider.byteArray2Hex(unWrappedKey.getEncoded()));
System.out.println("Original : " + IngrianProvider.byteArray2Hex(keyToBeWrapped.export()));
if (Arrays.equals(keyToBeWrapped.export(), unWrappedKey.getEncoded()))
System.out.println("Unwrapped key bytes equal original key bytes");
} catch (Exception e) {
e.printStackTrace();
} finally {
if (session != null)
session.closeSession();
}
}
Aggregations